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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MO NTH (S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)K Responsive to communication(s) filed on 30 November 2001 . 
2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 
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8) D Claim(s) are subject to restriction and/or election requirement. 
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Priority under 35 U.S.C. § 119 

12) [3 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)[3 All b)Q Some * c)Q None of: 

1 .□ Certified copies of the priority documents have been received. 
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DETAILED ACTION 

This office action is responsive to communication filed on 1 1/30/2001 . Claimed priority 
is granted from Provisional application 60258087 with a priority date of 12/22/2000. 

Information Disclosure Statement 

1 . The references listed on the Information Disclosure Statements submitted on 
03/14/2005, 03/17/2004, 03/15/2004, 02/28/2002, and 07/03/2003 have been 
considered by the examiner (see attached PTO-1449A). 



Double Patenting Rejections 

2. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public 
policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension 
of the "right to exclude" granted by a patent and to prevent possible harassment by multiple assignees. 
See In re Goodman, 1 1 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 
USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re 
Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970);and, In re Thorington, 418 F.2d 528, 163 USPQ 
644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321 (c) may be used to overcome an 
actual or provisional rejection based on a nonstatutory double patenting ground provided the 
conflicting application or patent is shown to be commonly owned with this application. See 37 CFR 
1.130(b). 

Effective January 1 , 1 994, a registered attorney or agent of record may sign a terminal disclaimer. A 
terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b). 

3. Claims 1-47 are provisionally rejected under the judicially created doctrine of 
obviousness-type double patenting as being unpatentable over claims 1-34 of 
copending Application No. 09/999,177. Although the conflicting claims are not identical, 
they are not patentably distinct from each other because of the noticed problems below, 
which are just exemplary : 

Claims 1-3 of Application # 09/999,177 contains every element of claims 1-3 of 



the instant application and as such anticipates claim 1-3 of the instant application. 
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This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

5. Claims 1-47 are rejected under 35 U.S.C. 102(e) as being anticipated by Hayes 
(Hayes), Patent No. 6,105,066. 

Regarding claim 1, Hayes discloses a method for determining members of a 
group, comprising the steps of: determining nested members of a first group; and 
reporting said nested members of said first group (column 20, lines 16-51; column lines 
36-67; fig. 22, and 23). 

Regarding claim 2, Hayes discloses a method according to claim 1, wherein: 
said nested members include members of multiple levels of nested groups (column 20, 
lines 16-51; fig. 22 and 23). 

Regarding claim 3, Hayes discloses a method according to claim 1, wherein: 
said step of determining nested members includes recursively determining members of 
group members (column 20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; column 
8, lines 1-31). 
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Regarding claim 4, Hayes discloses a method according to claim 1, wherein said 
step of determining nested members includes the steps of: determining all static group 
members of said first group; determining all static and dynamic members of said group 
members of said first group (column 20, lines 16-51; fig. 22 and 23); determining all 
group members of said group members of said first group (column 20, lines 16-51; fig. 
22 and 23; column 8, lines 39-43); and determining all static and dynamic members of 
said group members of said group members of said first group (column 20, lines 16-51 ; 
fig. 19, items 22 and 23). 

Regarding claim 5, Hayes discloses a method according to claim 1 , further 
comprising the steps of: determining dynamic members of said first group; and reporting 
said dynamic members of said first group (column 20, lines 1 6-51 ; fig. 1 9, items 22 and 
23). 

Regarding claim 6, Hayes discloses a method according to claim 5, wherein: 
said first group and nested groups of said first group include rules defining criteria for 
being dynamic members (column 20, lines 16-51; fig. 19, items 22 and 23). 

Regarding claim 7, Hayes discloses a method according to claim 6, wherein said 
step of determining dynamic members includes the steps of: determining a normalized 
set of said rules; and determining which users are defined by said normalized set of 
said rules, said users defined by said normalized set of said rules are said dynamic 
members of said first group (column 20, lines 16-51; fig. 19, items 22 and 23). 

Regarding claim 8, Hayes discloses a method according to claim 5, further 
comprising the steps of: storing an identification of said nested members and said 
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dynamic members in one or more attributes of said first group (column 20, lines 16-51 ; 
column 8, lines 32-55; fig. 19, items 22 and 23); and reporting said nested members 
and said dynamic members from said one or more attributes of said first group, without 
repeating said steps of determining dynamic members and determining nested 
members, in response to a request for members of said first group (column 17, lines 5- 
35). 

Regarding claim 9, Hayes discloses a method according to claim 5, further 
comprising the steps of: storing an identification of said nested members and said 
dynamic members in a static member attribute of said first group (column 20, lines 16- 
51; column 8, lines 32-55; fig. 19, items 22 and 23); and reporting said nested members 
and said dynamic members from said static member attribute of said first group, without 
repeating said steps of determining dynamic members and determining nested 
members, in response to a request for members of said first group (column 17, lines 5- 
35). 

Regarding claim 10, Hayes discloses a method according to claim 1, further 
comprising the steps of: determining static members of said first group; determining 
dynamic members of said first group; and reporting said static members and said 
dynamic members of said first group (column 20, lines 16-51; column 8, lines 32-55; fig. 
19, items 22 and 23; column 17, lines 5-35). 

Regarding claim 11, Hayes discloses a method according to claim 10, wherein: 
said nested members include members of multiple levels of nested groups; and said 
step of determining nested members includes recursively determining members of 
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group members (column 20, lines 16-51; column 8, lines 32-55; fig. 19, items 22 and 23; 
column 17, lines 5-35). 

Regarding claim 12, Hayes discloses a method according to claim 1 1 , wherein: 
said first group and nested groups of said first group include rules defining criteria for 
being dynamic members; and said step of determining dynamic members includes 
determining a normalized set of said rules and determining which users are defined by 
said normalized set of said rules, said users defined by said normalized set of said rules 
are said dynamic members of said first group (column 20, lines 16-51 ; column 8, lines 
32-55; fig. 19, items 22 and 23; column 17, lines 5-35). 

Regarding claim 13, Hayes discloses a method according to claim 10, wherein: 
said nested members include members of multiple levels of nested groups; and said 
steps of determining nested members, determining static members and determining 
dynamic members are performed by an integrated identity and access system (column 
20, lines 16-51; column 8, lines 32-55; fig. 19, items 22 and 23; column 17, lines 5-35). 

Regarding claim 14, Hayes discloses a method according to claim 13, wherein: 
said integrated identity and access system is capable of performing authorization 
services based on membership in said first group (column 20, lines 16-51; column 8, 
lines 32-55; fig. 19, items 22 and 23; column 17, lines 5-35). 

Regarding claim 15, Hayes discloses a method for identifying members of a 
group, comprising the steps of: determining dynamic members of a first group; storing 
an identification of each of said dynamic members of said first group (column 20, lines 
16-51; column lines 36-67; fig. 22, and 23); receiving a request to report members of 
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said first group, said request is received subsequent to said step of storing (column 20, 
lines 16-51; column lines 36-67; fig. 22, and 23); and reporting said dynamic members 
of said first group in response to said request, said reporting of said dynamic members 
is performed based on said stored identification of said dynamic members (column 20, 
lines 16-51; column 8, lines 32-55; fig. 19, items 22 and 23). 

Regarding claim 16, Hayes discloses a method according to claim 15, wherein: 
said first group includes one or more static members; an identification of each of said 
static members is stored in a static member attribute for an identity profile of said first 
group; and said identification of each of said dynamic members is stored in said static 
member attribute for said identity profile of said first group (column 20, lines 16-51; 
column 8, lines 32-55; fig. 19, items 22 and 23). 

Regarding claim 17, Hayes discloses a method according to claim 15, wherein: 
said first group includes one or more static members; an identification of each of said 
static members is stored in a static member attribute for an identity profile of said first 
group; said identity profile of said first group also includes an expansion attribute; and 
said method can only be performed if said expansion attribute includes an appropriate 
value (column 20, lines 16-51; column 8, lines 32-55). 

Regarding claim 18, Hayes discloses a method according to claim 17, wherein: 
said identity profile of said first group also includes a dynamic rule attribute which stores 
a rule that defines dynamic membership for said first group; and said method can only 
be performed for an entity having access to said expansion attribute and said dynamic 
rule attribute (column 20, lines 16-51; column 8, lines 32-55; fig. 19, items 22 and 23). 
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Regarding claim 19, Hayes discloses a method according to claim 15, wherein: 
said steps of determining and storing are automatically repeated (column 20, lines 16- 
51; column 18, lines 36-67). 

Regarding claim 20, Hayes discloses a method according to claim 15, wherein: 
said steps of determining, storing and receiving are performed by an integrated identity 
and access system (column 20, lines 16-51; column 8, lines 32-55). 

Regarding claim 21, Hayes a method according to claim 20, wherein: said 
integrated identity and access system is capable of performing authorization services 
based on membership in said first group (column 20, lines 16-51; column 8, lines 32-55; 
column 6, lines 21-67). 

Regarding claim 22, Hayes a method according to claim 15, further comprising 
the steps of: determining nested members of said first group; and storing an 
identification of each of said nested members of said first group, said step of reporting 
includes reporting said nested members based on said stored identification of said 
nested members (column 20, lines 16-51; column 8, lines 32-55; column 6, lines 21-67). 

Regarding claim 23, Hayes a method according to claim 22, wherein: said 
nested members include members of multiple levels of nested groups (column 20, lines 
16-51; column 8, lines 32-55; column 6, lines 21-67). 

Regarding claim 24, Hayes a method according to claim 22, wherein: said step 
of determining nested members includes recursively determining members of group 
members (column 20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; column 8, 
lines 1-31). 
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Regarding claim 25, Hayes a method according to claim 22, wherein: said first 
group includes one or more static members; and said step of reporting includes 
reporting said static members (column 20, lines 16-51; fig. 22 and 23; column 17, lines 
36-48; column 8, lines 1-31). 

Regarding claim 26, Hayes a method according to claim 15, wherein said step of 
determining nested members includes the steps of: determining all static group 
members of said first group; determining all static and dynamic members of said static 
group members of said first group (column 20, lines 16-51; fig. 22 and 23; column 17, 
lines 36-48; column 8, lines 1-31); determining all static group members of said static 
group members of said first group; and determining all members of said static group 
members of said static group members of said first group (column 20, lines 16-51; fig. 
22 and 23; column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 27, Hayes a method according to claim 15, wherein: said first 
group and nested groups of said first group include rules defining criteria for being 
dynamic members; and said step of determining dynamic members includes the steps 
of determining a normalized set of said rules and determining which users are defined 
by said normalized set of said rules, said users defined by said normalized set of said 
rules are said dynamic members of said first group (column 20, lines 16-51; fig. 22 and 
23; column 17, lines 36-48; column 8, lines 1-31).. 

Regarding claim 28, Hayes a method according to claim 15, wherein: said first 
group includes one or more static members; and said step of reporting includes 
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reporting said static members (column 20, lines 16-51; fig. 22 and 23; column 17, lines 
36-48; column 8, lines 1-31). 

Regarding claim 29, Hayes one or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, 
said processor readable code for programming one or more processors to perform a 
method comprising the steps of: determining nested members of a first group; and 
reporting said nested members of said first group (column 20, lines 16-51 ; fig. 22 and 
23; column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 30, Hayes one or more processor readable storage devices 
according to claim 29, wherein: said nested members include members of multiple 
levels of nested groups (column 20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; 
column 8, lines 1-31). 

Regarding claim 31, Hayes one or more processor readable storage devices 
according to claim 29, wherein: said step of determining nested members includes 
recursively determining members of group members (column 20, lines 16-51; fig. 22 
and 23; column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 32, Hayes one or more processor readable storage devices 
according to claim 29, wherein said method further comprises the steps of: determining 
static members of said first group; determining dynamic members of said first group; 
and reporting said static members and said dynamic members of said first group 
(column 20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; column 8, lines 1-31). 
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Regarding claim 33, Hayes one or more processor readable storage devices 
according to claim 32, wherein: said nested members include members of multiple 
levels of nested groups; said step of determining nested members includes recursively 
determining members of group members (column 20, lines 16-51; fig. 22 and 23; 
column 17, lines 36-48; column 8, lines 1-31); said first group and nested groups of said 
first group include rules defining criteria for being dynamic members; and said step of 
determining dynamic members includes determining a normalized set of said rules and 
determining which users are defined by said normalized set of said rules, said users 
defined by said normalized set of said rules are said dynamic members of said first 
group (column 20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; column 8, lines 1- 
31). 

Regarding claim 34, Hayes one or more processor readable storage devices 
according to claim 32, wherein: said nested members include members of multiple 
levels of nested groups; and said steps of determining nested members, determining 
static members and determining dynamic members are performed by an integrated 
identity and access system (column 20, lines 16-51; fig. 22 and 23; column 17, lines 36- 
48; column 8, lines 1-31). 

Regarding claim 35, Hayes one or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, 
said processor readable code for programming one or more processors to perform a 
method comprising the steps of: determining dynamic members of a first group (column 
20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; column 8, lines 1-31); storing an 
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identification of each of said dynamic members of said first group; and receiving a 
request to report members of said first group, said request is received subsequent to 
said step of storing (column 20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; 
column 8, lines 1-31 ); and reporting said dynamic members of said first group in 
response to said request, said reporting of said dynamic members is performed based 
on said stored identification of said dynamic members(column 20, lines 16-51; fig. 22 
and 23; column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 36, Hayes one or more processor readable storage devices 
according to claim 35, wherein: said first group includes one or more static members; 
and said step of reporting includes reporting said static members (column 20, lines 16- 
51; fig. 22 and 23; column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 37, Hayes one or more processor readable storage devices 
according to claim 36, wherein: said steps of determining and storing are automatically 
repeated (column 20, lines 16-51; column 18, lines 36-67). 

Regarding claim 38, Hayes one or more processor readable storage devices 
according to claim 36, wherein: said steps of determining, storing and receiving are 
performed by an integrated identity and access system (column 20, lines 16-51; column 
8, lines 32-55). 

Regarding claim 39, Hayes one or more processor readable storage devices 
according to claim 36, wherein said method further comprises the steps of: determining 
nested members of said first group, said nested members include members of multiple 
levels of nested groups (column 20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; 
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column 8, lines 1-31); and storing an identification of each of said nested members of 
said first group, said step of reporting includes reporting said nested members based on 
said stored identification of said nested members (column 20, lines 16-51 ; fig. 22 and 
23; column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 40, Hayes an apparatus that can determine members of a 
group, comprising: a communication interface; and one or more processor in 
communication with said communication interface, said one or more processor perform 
a method comprising the steps of: determining nested members of a first group, and 
reporting said nested members of said first group (column 20, lines 16-51 ; fig. 22 and 
23; column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 41, Hayes an apparatus according to claim 40, wherein: said 
nested members include members of multiple levels of nested groups (column 20, lines 
16-51; fig. 22 and 23; column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 42, Hayes an apparatus according to claim 41, wherein said 
method further comprises the steps of: determining static members of said first group; 
determining dynamic members of said first group; and reporting said static members 
and said dynamic members of said first group (column 20, lines 16-51 ; fig. 22 and 23; 
column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 43, Hayes an apparatus according to claim 42, wherein: said 
first group and nested groups of said first group include rules defining criteria for being 
dynamic members; and said step of determining dynamic members includes 
determining a normalized set of said rules and determining which users are defined by 
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said normalized set of said rules, said users defined by said normalized set of said rules 
are said dynamic members of said first group (column 20, lines 16-51 ; fig. 22 and 23; 
column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 44, Hayes an apparatus that can determine members of a 
group, comprising: a communication interface; and one or more processor in 
communication with said communication interface, said one or more processor perform 
a method comprising the steps of: determining dynamic members of a first group, said 
first group includes one or more static members, storing an identification of each of said 
dynamic members of said first group, and receiving a request to report members of said 
first group, said request is received subsequent to said step of storing, and reporting 
said static members and said dynamic members of said first group in response to said 
request, said reporting of said dynamic members is performed based on said stored 
identification of said dynamic members (column 20, lines 16-51; fig. 22 and 23; column 
17, lines 36-48; column 8, lines 1-31; fig. 2). 

Regarding claim 45, Hayes an apparatus according to claim 44, wherein: said 
steps of determining and storing are automatically repeated (column 20, lines 16-51; fig. 
22 and 23; column 17, lines 36-48; column 8, lines 1-31). 

Regarding claim 46, Hayes an apparatus according to claim 44, wherein: said 
steps of determining, storing and receiving are performed by an integrated identity and 
access system (column 20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; column 
8, lines 1-31). 
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Regarding claim 47, Hayes an apparatus according to claim 44, wherein said 
method further comprises the steps of: determining nested members of said first group, 
said nested members include members of multiple levels of nested groups; and storing 
an identification of each of said nested members of said first group, said step of 
reporting includes reporting said nested members based on said stored identification of 
said nested members (column 20, lines 16-51; fig. 22 and 23; column 17, lines 36-48; 
column 8, lines 1-31). 
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Conclusion 

6. Any inquiry concerning this communication or earlier communications from examiner 
should be directed to Jude Jean-Gilles whose telephone number is (571 ) 272-3914. 
The examiner can normally be reached on Monday-Thursday and every other Friday 
from 8:00 AM to 5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David Wiley, can be reached on (571 ) 272-3923. The fax phone number for 
the organization where this application or proceeding is assigned is (703) 305-3719. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703) 305- 
3900. 



Jude Jean-Gilles 



Patent Examiner 



Art Unit 2143 
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August 20, 2005 





WILLIAM C. VAUGHN, JR 
PRIMARY EXAMINER ' 



